40 matches found
CVE-2026-21517
Improper link resolution before file access 'link following' in Windows App for Mac allows an authorized attacker to elevate privileges locally...
PT-2026-7402
Name of the Vulnerable Software and Affected Versions Windows App for Mac affected versions not specified Description A flaw in how the Windows App for Mac handles link resolution before file access, known as 'link following', could allow a local attacker to gain higher privileges. The issue was...
New MacSync Stealer Disguised as Trusted Mac App Hunts Saved Passwords
Jamf security experts have found a new version of MacSync Stealer. Disguised as a zk-call app, it uses official notarization to bypass security and steal your saved passwords...
CVE-2025-13326
Mattermost Desktop App versions 6.0.0 fail to enable the Hardened Runtime on the Mattermost Desktop App when packaged for Mac App Store which allows an attacker to inherit TCC permissions via copying the binary to a tmp folder...
EUVD-2025-203922
Mattermost Desktop App versions 6.0.0 fail to enable the Hardened Runtime on the Mattermost Desktop App when packaged for Mac App Store which allows an attacker to inherit TCC permissions via copying the binary to a tmp folder...
CVE-2025-13326
Mattermost Desktop App versions 6.0.0 fail to enable the Hardened Runtime on the Mattermost Desktop App when packaged for Mac App Store which allows an attacker to inherit TCC permissions via copying the binary to a tmp folder...
CVE-2025-13326
Mattermost Desktop App versions 6.0.0 fail to enable the Hardened Runtime on the Mattermost Desktop App when packaged for Mac App Store which allows an attacker to inherit TCC permissions via copying the binary to a tmp folder...
CVE-2025-13326
CVE-2025-13326 affects Mattermost Desktop App on macOS versions prior to 6.0.0, failing to enable the Hardened Runtime in Mac App Store builds. This allows an attacker to inherit TCC permissions by copying the binary to a temporary folder. Affected component is the Mattermost Desktop App binary; ...
CVE-2025-13326 Mattermost Desktop App fails to enable Hardened Runtime when packaged for Mac App Store
Mattermost Desktop App versions 6.0.0 fail to enable the Hardened Runtime on the Mattermost Desktop App when packaged for Mac App Store which allows an attacker to inherit TCC permissions via copying the binary to a tmp folder...
CVE-2025-13326 Mattermost Desktop App fails to enable Hardened Runtime when packaged for Mac App Store
Mattermost Desktop App versions 6.0.0 fail to enable the Hardened Runtime on the Mattermost Desktop App when packaged for Mac App Store which allows an attacker to inherit TCC permissions via copying the binary to a tmp folder...
Mattermost Desktop App 安全漏洞
Mattermost Desktop App is a messaging desktop application from Mattermost USA. A security vulnerability exists in Mattermost Desktop App versions prior to 6.0.0, which stems from the failure to enable the hardened runtime when packaging for the Mac App Store, and could result in inheriting TCC...
CVE-2025-12792
The Mac App Store distribution of the Canva for Mac desktop app before 1.117.1 was built without Hardened Runtime. A local threat actor with unprivileged access could execute arbitrary code that inherits the TCC Transparency, Consent, and Control permissions assigned to Canva...
CVE-2025-12792
The Mac App Store distribution of the Canva for Mac desktop app before 1.117.1 was built without Hardened Runtime. A local threat actor with unprivileged access could execute arbitrary code that inherits the TCC Transparency, Consent, and Control permissions assigned to Canva...
CVE-2025-12792
The Mac App Store distribution of the Canva for Mac desktop app before 1.117.1 was built without Hardened Runtime. A local threat actor with unprivileged access could execute arbitrary code that inherits the TCC Transparency, Consent, and Control permissions assigned to Canva...
EUVD-2025-197904
The Mac App Store distribution of the Canva for Mac desktop app before 1.117.1 was built without Hardened Runtime. A local threat actor with unprivileged access could execute arbitrary code that inherits the TCC Transparency, Consent, and Control permissions assigned to Canva...
CVE-2025-12792
CVE-2025-12792 describes a vulnerability in the Mac App Store distribution of the Canva for Mac desktop app prior to 1.117.1. The issue stems from the app being built without Hardened Runtime, enabling a local threat actor with unprivileged access to execute arbitrary code that inherits the app’s...
CVE-2025-12792
The Mac App Store distribution of the Canva for Mac desktop app before 1.117.1 was built without Hardened Runtime. A local threat actor with unprivileged access could execute arbitrary code that inherits the TCC Transparency, Consent, and Control permissions assigned to Canva...
EUVD-2016-8680
Malware in sbrugna...
EUVD-2022-47508
Malicious code in bioql PyPI...
MAL-2025-2772 Malicious code in macappstore (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0467c582858f86d97b65e2ac8bcbe719cd97323136272b766d45045822a7baab Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...